You are viewing this page in an unauthorized frame window.
This is a potential security issue, you are being redirected to
https://nvd.nist.gov
An official website of the United States government
Official websites use .gov
A .gov website belongs to an official government organization in the United States.
Secure .gov websites use HTTPS
A lock () or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.
This CVE has been marked Rejected in the CVE List. These CVEs are stored in the NVD, but do not show up in search results by default.
Description
Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
Metrics
NVD enrichment efforts reference publicly available information to associate
vector strings. CVSS information contributed by other sources is also
displayed.
By selecting these links, you will be leaving NIST webspace.
We have provided these links to other web sites because they
may have information that would be of interest to you. No
inferences should be drawn on account of other sites being
referenced, or not, from this page. There may be other web
sites that are more appropriate for your purpose. NIST does
not necessarily endorse the views expressed, or concur with
the facts presented on these sites. Further, NIST does not
endorse any commercial products that may be mentioned on
these sites. Please address comments about this page to [email protected].
Title: kernel de Linux
Description: En el kernel de Linux, se resolvió la siguiente vulnerabilidad: bpf: Anotar bpf_long_memcpy con data_race syzbot informó una ejecución de datos entre dos procesos que intentaban actualizar el mismo valor del mapa BPF a través de una llamada al sistema en diferentes CPU: ERROR: KCSAN: ejecución de datos en bpf_percpu_array_update / bpf_percpu_array_update escribe en 0xffffe8fffe7425d8 de 8 bytes por tarea 8257 en la CPU 1: bpf_long_memcpy include/linux/bpf.h:428 [en línea] bpf_obj_memcpy include/linux/bpf.h:441 [en línea] copy_map_value_long include/linux/bpf.h: 464 [en línea] bpf_percpu_array_update+0x3bb/0x500 kernel/bpf/arraymap.c:380 bpf_map_update_value+0x190/0x370 kernel/bpf/syscall.c:175 generic_map_update_batch+0x3ae/0x4f0 kernel/bpf/syscall.c:1749 pb f_map_do_batch+0x2df/ 0x3d0 kernel/bpf/syscall.c:4648 __sys_bpf+0x28a/0x780 __do_sys_bpf kernel/bpf/syscall.c:5241 [en línea] __se_sys_bpf kernel/bpf/syscall.c:5239 [en línea] __x64_sys_bpf+0x 43/0x50 núcleo/bpf/ syscall.c:5239 do_syscall_x64 arch/x86/entry/common.c:50 [en línea] do_syscall_64+0x41/0xc0 arch/x86/entry/common.c:80 Entry_SYSCALL_64_after_hwframe+0x63/0xcd escribir en 0xffffe8fffe7425d8 de 8 bytes por tarea 82 68 en la CPU 0: bpf_long_memcpy include/linux/bpf.h:428 [en línea] bpf_obj_memcpy include/linux/bpf.h:441 [en línea] copy_map_value_long include/linux/bpf.h:464 [en línea] bpf_percpu_array_update+0x3bb/0x500 kernel/ bpf/arraymap.c:380 bpf_map_update_value+0x190/0x370 kernel/bpf/syscall.c:175 generic_map_update_batch+0x3ae/0x4f0 kernel/bpf/syscall.c:1749 bpf_map_do_batch+0x2df/0x3d0 kernel/bpf/syscall.c:4 648 __sys_bpf +0x28a/0x780 __do_sys_bpf kernel/bpf/syscall.c:5241 [en línea] __se_sys_bpf kernel/bpf/syscall.c:5239 [en línea] __x64_sys_bpf+0x43/0x50 kernel/bpf/syscall.c:5239 do_syscall_x 64 arco/x86/entrada /common.c:50 [en línea] do_syscall_64+0x41/0xc0 arch/x86/entry/common.c:80 Entry_SYSCALL_64_after_hwframe+0x63/0xcd valor cambiado: 0x00000000000000000 -> 0xffffff000002788 El bpf_long_memcpy se
In the Linux kernel, the following vulnerability has been resolved:
bpf: Annotate bpf_long_memcpy with data_race
syzbot reported a data race splat between two processes trying to
update the same BPF map value via syscall on different CPUs:
BUG: KCSAN: data-race in bpf_percpu_array_update / bpf_percpu_array_update
write to 0xffffe8fffe7425d8 of 8 bytes by task 8257 on cpu 1:
bpf_long_memcpy include/linux/bpf.h:428 [inline]
bpf_obj_memcpy include/linux/bpf.h:441 [inline]
copy_map_value_long include/linux/bpf.h:464 [inline]
bpf_percpu_array_update+0x3bb/0x500 kernel/bpf/arraymap.c:380
bpf_map_update_value+0x190/0x370 kernel/bpf/syscall.c:175
generic_map_update_batch+0x3ae/0x4f0 kernel/bpf/syscall.c:1749
bpf_map_do_batch+0x2df/0x3d0 kernel/bpf/syscall.c:4648
__sys_bpf+0x28a/0x780
__do_sys_bpf kernel/bpf/syscall.c:5241 [inline]
__se_sys_bpf kernel/bpf/syscall.c:5239 [inline]
__x64_sys_bpf+0x43/0x50 kernel/bpf/syscall.c:5239
do_syscall_x64 arch/x86/entry/common.c:50 [inline]
do_syscall_64+0x41/0xc0 arch/x86/entry/common.c:80
entry_SYSCALL_64_after_hwframe+0x63/0xcd
write to 0xffffe8fffe7425d8 of 8 bytes by task 8268 on cpu 0:
bpf_long_memcpy include/linux/bpf.h:428 [inline]
bpf_obj_memcpy include/linux/bpf.h:441 [inline]
copy_map_value_long include/linux/bpf.h:464 [inline]
bpf_percpu_array_update+0x3bb/0x500 kernel/bpf/arraymap.c:380
bpf_map_update_value+0x190/0x370 kernel/bpf/syscall.c:175
generic_map_update_batch+0x3ae/0x4f0 kernel/bpf/syscall.c:1749
bpf_map_do_batch+0x2df/0x3d0 kernel/bpf/syscall.c:4648
__sys_bpf+0x28a/0x780
__do_sys_bpf kernel/bpf/syscall.c:5241 [inline]
__se_sys_bpf kernel/bpf/syscall.c:5239 [inline]
__x64_sys_bpf+0x43/0x50 kernel/bpf/syscall.c:5239
do_syscall_x64 arch/x86/entry/common.c:50 [inline]
do_syscall_64+0x41/0xc0 arch/x86/entry/common.c:80
entry_SYSCALL_64_after_hwframe+0x63/0xcd
value changed: 0x0000000000000000 -> 0xfffffff000002788
The bpf_long_memcpy is used with 8-byte aligned pointers
Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
Removed
Reference
Linux https://git.kernel.org/stable/c/5685f8a6fae1fbe480493b980a1fdbe67c86a094
Removed
Reference
Linux https://git.kernel.org/stable/c/6a86b5b5cd76d2734304a0173f5f01aa8aa2025e
Removed
Reference
Linux https://git.kernel.org/stable/c/e562de67dc9196f2415f117796a2108c00ac7fc6
CVE Rejected by kernel.org3/05/2024 6:15:07 PM
Action
Type
Old Value
New Value
New CVE Received from kernel.org3/02/2024 5:15:48 PM
In the Linux kernel, the following vulnerability has been resolved:
bpf: Annotate bpf_long_memcpy with data_race
syzbot reported a data race splat between two processes trying to
update the same BPF map value via syscall on different CPUs:
BUG: KCSAN: data-race in bpf_percpu_array_update / bpf_percpu_array_update
write to 0xffffe8fffe7425d8 of 8 bytes by task 8257 on cpu 1:
bpf_long_memcpy include/linux/bpf.h:428 [inline]
bpf_obj_memcpy include/linux/bpf.h:441 [inline]
copy_map_value_long include/linux/bpf.h:464 [inline]
bpf_percpu_array_update+0x3bb/0x500 kernel/bpf/arraymap.c:380
bpf_map_update_value+0x190/0x370 kernel/bpf/syscall.c:175
generic_map_update_batch+0x3ae/0x4f0 kernel/bpf/syscall.c:1749
bpf_map_do_batch+0x2df/0x3d0 kernel/bpf/syscall.c:4648
__sys_bpf+0x28a/0x780
__do_sys_bpf kernel/bpf/syscall.c:5241 [inline]
__se_sys_bpf kernel/bpf/syscall.c:5239 [inline]
__x64_sys_bpf+0x43/0x50 kernel/bpf/syscall.c:5239
do_syscall_x64 arch/x86/entry/common.c:50 [inline]
do_syscall_64+0x41/0xc0 arch/x86/entry/common.c:80
entry_SYSCALL_64_after_hwframe+0x63/0xcd
write to 0xffffe8fffe7425d8 of 8 bytes by task 8268 on cpu 0:
bpf_long_memcpy include/linux/bpf.h:428 [inline]
bpf_obj_memcpy include/linux/bpf.h:441 [inline]
copy_map_value_long include/linux/bpf.h:464 [inline]
bpf_percpu_array_update+0x3bb/0x500 kernel/bpf/arraymap.c:380
bpf_map_update_value+0x190/0x370 kernel/bpf/syscall.c:175
generic_map_update_batch+0x3ae/0x4f0 kernel/bpf/syscall.c:1749
bpf_map_do_batch+0x2df/0x3d0 kernel/bpf/syscall.c:4648
__sys_bpf+0x28a/0x780
__do_sys_bpf kernel/bpf/syscall.c:5241 [inline]
__se_sys_bpf kernel/bpf/syscall.c:5239 [inline]
__x64_sys_bpf+0x43/0x50 kernel/bpf/syscall.c:5239
do_syscall_x64 arch/x86/entry/common.c:50 [inline]
do_syscall_64+0x41/0xc0 arch/x86/entry/common.c:80
entry_SYSCALL_64_after_hwframe+0x63/0xcd
value changed: 0x0000000000000000 -> 0xfffffff000002788
The bpf_long_memcpy is used with 8-byte aligned pointers
Added
Reference
Linux https://git.kernel.org/stable/c/5685f8a6fae1fbe480493b980a1fdbe67c86a094 [No types assigned]
Added
Reference
Linux https://git.kernel.org/stable/c/6a86b5b5cd76d2734304a0173f5f01aa8aa2025e [No types assigned]
Added
Reference
Linux https://git.kernel.org/stable/c/e562de67dc9196f2415f117796a2108c00ac7fc6 [No types assigned]
Quick Info
CVE Dictionary Entry: CVE-2023-52521 NVD
Published Date: 03/02/2024 NVD
Last Modified: 03/05/2024
Source: kernel.org
) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.
